An entity (e.g., a financial institution) may manage an account (e.g., a financial transaction account) associated with a customer. An agent may, on behalf of the entity, perform one or more actions associated with a customer's information. For instance, the agent may view personal information associated with the customer's account. As a further instance, the agent may execute a monetary transaction associated with the customer's account. There is a need for a system to monitor the agent's actions in order to be able to determine whether any single action (and/or a combination of actions) associated with an agent poses a risk to the entity and/or to the customer's information. In addition to determining whether an agent's actions, either singly or cumulatively, pose a risk to the entity and/or to the customer's information, there is a need to quantify the risk associated with a single action and/or a set of actions executed over a period of time.